Video security systems and methods

ABSTRACT

Systems and methods for the remote verification and monitoring of conditions surrounding an alarm signal are disclosed. In an aspect, a security system can comprise a security gateway located at a premises, wherein the security gateway is operable to detect an alarm condition and to receive video of at least a portion of the premises relating to the alarm condition, a first network coupled to the security gateway, and a second network coupled to the security gateway. The security gateway can be configured to cause transfer of alarm information comprising at least a portion of the received video and a first notification of the alarm condition in substantially real time through only the first network. The security gateway can be further configured to cause transfer of a second notification of the alarm condition through the second network substantially simultaneously with causing transfer of the alarm information through the first network.

CROSS REFERENCE TO RELATED PATENT APPLICATION

This application is a continuation of U.S. application Ser. No.09/954,976, filed Sep. 18, 2001, which is a continuation-in-part of U.S.application Ser. No. 09/357,196, filed Jul. 20, 1999 and issued as U.S.Pat. No. 6,690,411, hereby incorporated herein by reference in theirentirety.

BACKGROUND

Additional Inherent in security systems is the problem of false alarms.In situations where local authorities are notified of alarms, falsealarms can result in the owner of the system being subject tosignificant fines. In addition, false alarms waste the limited resourcesavailable to the authorities to respond to legitimate alarm situations.It is therefore desirable that a security system permits verification ofdetected alarm conditions.

Conventional security systems typically protect a building usingmake/break contacts strategically placed at doors, windows, and otherpotential entry points. Sensors are installed on doors and/or windows.Motion sensors are installed in strategic areas inside the home. Otherdevices such as glass breakage detectors, panic or medical alertbuttons, low temperature and flood sensors can be installed as well.When the system is on and a sensor is tripped, a signal is sent througha wire, or using radio frequencies (on wireless systems), to the maincontroller which sounds a siren and dials out via telephone or cellularservice to the monitoring station whenever an alarm occurs.

When a contact is broken and an alarm is sounded or relayed to a centralcontrol station located within the building, nearby to the building, orremotely to a central control station of the security company. Besidesmake/break sensors, security companies also use P.I.R. (passiveinfrared) sensors which sense heat differences caused by animate objectssuch as humans or animals. Also used are vibration sensors which, whenplaced upon a window for example, detect when the window is broken, andradio frequency (rf), radar, and microwave sensors, as well as lasersensing. As with the make/break sensors, when any one of the sensorsindicates a detection, a system alarm is indicated. A trouble indicationis also given if an alarm unit for the building to which the sensors areconnected senses that a path to a sensor is interrupted or broken.

With many current alarm systems, all that the receiver of an alarm,whether at a local or remote central station, knows is that an alarm hasoccurred. However, the occurrence of an alarm provides no indication asto its cause. Thus, the operator has no other knowledge by which he candetermine if an alarm signals the presence of a real intruder, or if itis a false alarm. Sensors may commonly go off during inclement weather(they are sensitive to large electromagnetic fields such as occurringduring lightning conditions). Such an erroneous condition is properlyreferred to as a false alarm. Regardless of why they occur, all falseand unwanted alarms detrimentally affect the efficiency and operation ofa security system.

Many criteria determine whether or not an alarm condition exists. Forexample, when a person opens a door monitored by a sensor, a potentialalarm condition is created. However, an alarm system typically has akeypad or other coded system control by which, if an appropriate entryis made within a prescribed period of time, signifies that the alarmcondition is not to be acted upon. Rather, the entrant is someoneauthorized to enter the premises. Further, the class of intruder (e.g.,human or animal) may be perfectly acceptable in one set ofcircumstances, but not so in another. The common situation is one wherean intruder is a human, and his presence results in an alarm beinggiven.

One technological approach to obtaining such verification is through theuse of separate audio monitors operating in concert with separate alarmsensors. U.S. Pat. Nos. 4,591,834 and 4,918,717 are directed to suchsystems. For example, U.S. Pat. No. 4,591,834 refers to the use ofminiature, low-frequency dynamic microphones. Alarm activities noted atthe microphones are verified via a separate network of discriminatorsensors which comprise geophones. Signal processing techniques areutilized to distinguish alarm activity. Intrusion and discriminatorsensors are arranged in known patterns comprised of multiple sensors ofeach type. U.S. Pat. No. 4,918,717 refers to a system wherein a numberof microphones are distributed about a secured premises in relation toother intrusion sensors. Upon detection of an intrusion alarm, themicrophones can be manually enabled one at a time from the centralstation to allow an operator to listen to audio activity in proximity tothe sensor alarm.

Another approach is the use of video images to monitor a location.However, in prior art devices these images have been low-resolution,freeze-frame pictures, making it difficult for a viewer to discern whatis being shown. In addition, in many prior art devices, the video imagesmay not be received by the monitoring party until several moments havepassed after the recorded event has actually taken place likely causingany response to be late and less effective.

An additional problem with some existing security systems is that once aperson has left the property, it is common for that person to worry thathe or she has forgotten to activate or arm the security system. Inaddition, such persons may have the desire to monitor the property evenin the absence of alarm conditions. Further, a person may have thedesire to modify aspects of the security system while they are absent.In prior art systems, it has been necessary to telephone a neighbor toask them to check on the property and report back to the person.

SUMMARY OF THE INVENTION

The present invention overcomes the above-described problems with priorart security systems.

In one broad respect, the present invention is directed to a securitysystem comprising a security gateway located at a premises, wherein thesecurity gateway is operable to detect an alarm condition and to recordvideo of at least a portion of the premises relating to the alarmcondition, said video hereinafter referred to as Alarm Video, a securitysystem server operatively coupled to the security gateway through afirst network, wherein the security gateway is configured to notify thesecurity system server of the alarm condition and to transfer the AlarmVideo to a security system server in substantially real time through thefirst network, and wherein the security system server is furtheroperatively coupled to the security gateway through a second network,wherein the security gateway is configured to notify the security systemserver of the alarm condition through the second network. In a narrowrespect, the security gateway is further configured to notify thesecurity system server of the alarm condition through the first networksubstantially simultaneously with notifying the security system serverof the alarm condition through the second network. In another narrowrespect, the first network is an IP network. In another narrow respect,the first network is an Ethernet-based network. In another narrowrespect, the first network comprises the Internet. In another narrowrespect, the first network comprises a frame relay network. In anothernarrow respect, the first network comprises a hybrid-fiber coaxialnetwork. In another narrow respect, the first network comprises afiber-optic network. In another narrow respect, the first networkcomprises a DSL network. In another narrow respect, the first networkcomprises an ATM network. In another narrow respect, the first networkcomprises a high-speed fixed wireless network. In another narrowrespect, the first network comprises a high-speed mobile communicationsnetwork. In another narrow respect, the second network comprises apublic switched telephone network. In another narrow respect, the secondnetwork comprises a fixed wireless network. In another narrow respect,the second network comprises a mobile communications network. In anothernarrow respect, the security gateway is further operable to record audiofrom at least a portion of the premises relating to the alarm condition,said audio referred to hereinafter as Alarm Audio, and wherein thesecurity gateway is further configured to transmit said Alarm Audio tothe security system server through the second network in substantiallyreal time. In another narrow respect, the security system server isconfigured to provide notification of the alarm condition to a publicsafety agency. In a narrower respect the security system server isfurther configured to provide the Alarm Video to the public safetyagency. In another narrow respect, the security gateway is furtheroperable to record audio from at least a portion the premises relatingto the alarm condition, said audio referred hereinafter as Alarm Audio,and wherein the security gateway is further configured to transmit saidAlarm Audio to the security system server through the first network insubstantially real time.

In another broad respect, the present invention is directed to asecurity system comprising a security gateway located at a premises,wherein the security gateway is operable to detect an alarm conditionand to record video of at least a portion of the premises relating tothe alarm condition, said video hereinafter referred to the Alarm Video,wherein the security gateway further comprises a network interface, andwherein the network interface is configured to connect the securitygateway to a cable headend through a first network, wherein said firstnetwork is a hybrid-fiber-coaxial network; and a security system serverconfigured to connect to the cable headend through a second network,wherein the security gateway is configured to notify the security systemserver of the alarm condition and to transfer the Alarm Video to asecurity system server in substantially real time. In a narrow respect,the second network is a dedicated bandwidth network. In another narrowrespect, the second network comprises a frame relay network. In anothernarrow respect, the second network comprises an ATM network. In anothernarrow respect, the second network comprises a managed IP connectionhaving quality of service. In another narrow respect, the securitygateway is operatively coupled to the security system server through athird network, the security gateway being further configured to notifythe security system server of the alarm condition through the thirdnetwork. In a narrow respect, the third network comprises a publicswitched telephone network. In another narrower respect, the thirdnetwork comprises a fixed wireless network. In another narrower respect,the third network comprises a mobile communications network. In anothernarrow respect, the security gateway is further operable to record audiofrom at least a portion the premises relating to the alarm condition,said audio referred hereinafter as Alarm Audio, and wherein the securitygateway is further configured to transmit said Alarm Audio to thesecurity system server through the second network in substantially realtime. In another narrow respect, the security system server isconfigured to provide notification of the alarm condition to a publicsafety agency. In a narrower respect, the security system server isfurther configured to provide the Alarm Video to the public safetyagency.

In another broad respect, the present invention is directed to asecurity system for providing security monitoring services for acustomer comprising a security gateway located at a premises designatedby the customer, wherein the security gateway is operable to detect analarm condition and to record video of at least a portion of thepremises relating to the alarm condition, said video hereinafterreferred to as the Alarm Video, wherein the security gateway furthercomprises a network interface, and wherein the network interface isconfigured to connect the security gateway to a DSLAM through a firstnetwork, wherein the first network is a DSL network; and a securitysystem server connected to the DSL through a second network, wherein thesecurity gateway is configured to notify the security system server ofthe alarm condition and to transfer the Alarm Video to a security systemserver in substantially real time. In a narrow respect, the secondnetwork is a dedicated bandwidth network. In another narrow respect, thesecond network is a frame relay network. In another narrow respect, thesecond network is an ATM network. In another narrow respect, the secondnetwork comprises a managed IP connection having quality of service. Inanother narrow respect, the security gateway is operatively coupled tothe security system server through a third network, the security gatewaybeing further configured to notify the security system server of thealarm condition through the third network.

In another broad respect, the present invention is directed to asecurity system for providing security monitoring services comprising asecurity gateway located at a premises designated by a user, wherein thesecurity gateway is operable to detect an alarm condition and to recordvideo of at least a portion of the premises relating to the alarmcondition, said video hereinafter referred to the Alarm Video, asecurity system server operatively coupled to the security gateway and adata center, the data center comprising a user information database,comprising data about the user, said data referred to hereinafter asUser Data, wherein the security gateway is configured to notify the datacenter of the alarm condition and to transfer the Alarm Video to thedata center in substantially real time, wherein the security systemserver is operable to associate the Alarm Video with at least a portionof the User Data, said portion of the User Data referred to hereinafteras Associated User Data, and a monitoring client operatively coupled tothe monitoring client, wherein the data center is configured to transferthe notification of the alarm condition, the Alarm Video and AssociatedUser Data to the monitoring client, and wherein the monitoring client isconfigured to display at least a portion of the Alarm Video and theAssociated User Data on the monitoring client. In a narrow respect, themonitoring client is at a central monitoring station. In another narrowrespect, the security gateway is further operatively coupled to acentral monitoring server at the central monitoring station, and whereinthe security gateway is configured to transfer a notification of thealarm condition to the central monitoring server. In another narrowrespect, the data center is further operable to store the notificationof the alarm condition in the user information database. In anothernarrow respect, the data center is further operable to store the AlarmVideo in the user information database.

In another broad respect, the present invention is directed to asecurity system for providing security monitoring services for aplurality of users comprising a plurality of security gateways, eachlocated at a premises, wherein each security gateway is operable todetect an alarm condition and to record video of at least a portion ofits respective premises relating to the alarm condition, said videohereinafter referred to the Alarm Video; a security system serveroperatively coupled to the plurality of security gateways, the securitysystem server comprising a user information database, comprising dataabout each of the plurality of users, said data referred to hereinafteras User Data, wherein each security gateway is configured to notify thesecurity system server of the alarm condition and to transfer the AlarmVideo to the security system server in substantially real time, whereinthe security system server is operable to associate the Alarm Video withat least a portion of the User Data, said portion referred tohereinafter as Associated User Data; and a monitoring client operativelycoupled to the security system server, and wherein the security systemserver is configured to transfer the notification of the alarmcondition, the Alarm Video and Associated User Data to the monitoringclient, and wherein said monitoring client is configured to display atleast a portion of the Alarm Video and the Associated User Data. In anarrow respect, the security system server is further operable to storethe notification of the alarm condition in the user informationdatabase. In another narrow respect, the security system server isfurther operable to store the alarm video in the user informationdatabase. In another narrow respect, the monitoring client is at acentral monitoring station.

BRIEF DESCRIPTION OF THE DRAWINGS

The following drawings form part of the present specification and areincluded to further demonstrate certain aspects of the presentinvention. The invention may be better understood by reference to one ormore of these drawings in combination with the detailed description ofspecific embodiments presented herein.

It is to be noted, however, that the appended drawings illustrate onlyexemplary embodiments of the invention and are therefore not to beconsidered limiting of its scope, for the invention may admit to otherequally effective embodiments. In addition, although the figures maydepict embodiments wherein each of the components represent differentdevices or locations, they can be combined into a single device orlocation. In addition, a single component may be comprised of acombination of components.

FIG. 1 is a simplified block diagram of a security system according toone embodiment of the disclosed system and method.

FIG. 2 is a more detailed block diagram of a security system accordingto one embodiment of the disclosed system and method.

FIG. 3 is a simplified block diagram of a security system utilizing thecable infrastructure according to one embodiment of the disclosed systemand method.

FIG. 4 is a block diagram of a security system featuring redundancyaccording to one embodiment of the disclosed system and method.

FIG. 5 is a flowchart of the operation of the security system accordingto one embodiment of the disclosed system and method.

FIG. 6 is a more detailed block diagram of a security gateway accordingto one embodiment of the disclosed system and method.

FIG. 7 is a more detailed block diagram of a security system accordingto one embodiment of the disclosed system and method.

FIG. 8 is a flowchart of depicting the operation of a remote terminalaccessing a security system according to one embodiment of the disclosedsystem and method.

DESCRIPTION OF ILLUSTRATIVE EMBODIMENTS

The present invention addresses several shortcomings of the prior artwith a security system and framework that is configured to deliverreal-time information, including video and/or about alarm conditions tomonitoring personnel for them to verify alarm conditions and takeappropriate follow up action. As a further advantage, the framework maybe easily adapted for use in other applications that incorporatereal-time information and video delivery.

The term “security system” is used broadly to mean a system formonitoring a premises, e.g., for the purpose of discouraging andresponding to burglaries, fires, and other emergency situations. Such asecurity system is suited for residential homes, but may also find usewith schools, nursing homes, hospitals, businesses or any other locationin which real-time information may be useful in obtaining adequateresponse upon the occurrence of alarm conditions. By integratingbroadband features, including audio and video capabilities, web accessand wireless capabilities, embodiments of the present invention providesaudio and video alarm verification, 24-hour monitoring capabilities, anda secure web-site with remote access features and security-focusedcontent. Embodiments of the present invention may be used to reducefalse alarms, improve police effectiveness, and generally increase itsusers' peace of mind while they are away from home.

Referring to the drawings, FIG. 1 is a high-level block diagram of anexemplary security system according to one embodiment of the presentinvention. The security system 100 includes a security gateway 115 (alsocalled a “base station”), which is typically located at the desiredpremises 110 to be monitored, and a monitoring client 133, typicallylocated at a central station and operatively coupled to security gateway115 through a network 120. Often, security gateway 115 is located at thetarget site. However, on some occasions, some or all components ofsecurity gateway 115 may be located remotely, but remain operativelycoupled to security sensors 105 and video cameras 112 which are at thepremises. Upon detection of an alarm condition, security gateway 115captures video (usually through an attached video camera 112) of thetarget site, and sends the video to security system server 131 in realtime.

For purposes of the present invention the term “premises” refers to anylocation to be monitored, whether residential, commercial, public, orsecured. Further, the term “a” is generally used in the presentdisclosure to mean one or more. Still further, the terms “coupled” and“operatively coupled” mean connected in such a way that data may beexchanged. It is understood that “coupled” and “operatively coupled” donot require a direct connection, a wired connection, or even a permanentconnection. It is sufficient for purposes of the present invention thatthe connection(s) be established for the sole purpose of exchanginginformation.

In general, network 120 may be a public network or private network, asingle network or a combination of several networks. In mostembodiments, network 120 may be, but is not required to be, an IP-basednetwork. In some embodiments it may be desirable for all or a portion ofnetwork 120 to include publicly available networks, such as theInternet, to avoid the need for installing, purchasing, or leasingadditional infrastructure. However, in some systems, e.g. those that usehigh-bandwidth transmissions, it may be desirable to include dedicatedhigh-bandwidth connections including, without limitation, as leasedlines, frame relay networks, and ATM networks, within network 120.Further, in some systems it may be desirable to use a network 120 withquality of service guarantees given the real-time nature of theinformation that is transmitted.

In the present disclosure, the term “high-speed” or “high-bandwidth”connections generally means those connections capable of providingenough bandwidth for data to be transmitted to the central station inreal-time. In one embodiment, high-speed connections are those capableof transmitting at speeds of at least 128 KBPS. High-speed connectionsinclude but are not limited to cable modem connections, xDSLconnections, and high-speed wireless connections.

Generally, security gateway 115 is a processor-based device thatfunctions to detect alarm conditions at a target site, to captureinformation relating to such alarm conditions, and upon occasion of analarm condition, to send such information ultimately to security systemserver 131 for verification and response. Monitoring client 133 isgenerally a software program that may be used to display some or all ofthe information provided by security gateway 115. Monitoring client 133may be a stand-alone program or integrated into one or more existingsoftware programs. One or more operators may then use this informationto evaluate whether the alarm condition corresponds to an actual alarmcondition and then take additional action, if desired, such as alertingthe appropriate authorities. Advantageously, in many instances theincidence of false alarm being reported to the authorities is reduced,and the response effectiveness of the authorities is improved.

Security system 100 may include one or more sensors 105 coupled tosecurity gateway 115 to detect alarm conditions. Security system 100 isnot limited to any specific type or model of sensor 105. Any sensor 105may be used, depending on the desired type and level of protection.Examples include, without limitation, magnetic contact switches, audiosensors, infrared sensors, motion detectors, fire alarms, and carbonmonoxide sensors. Alarm sensors 105 may be wired directly into an alarmcontrol panel built into security gateway 115 or they may be wirelesslyconnected. The type of sensor 105 to be used depends on the specificapplication for which security system 100 is designed. In someembodiments, multiple alarm sensors 105 may be used. In such multiplesensor embodiments, security gateway 115 may consider data from all,some, or one of sensors 105 in the detection of alarm conditions.

In addition, security system 100 includes one or more video cameras 112that is operable to capture video of monitored premises 110. Camera 112may be (but is not required to be) a 360-degree camera or a panoramiccamera. In addition, security gateway 115 may be configured to create anassociation between one or more sensors and an associated video camera112. Whether separate alarm sensors 105 are present or not, securitygateway 115 may use video from video camera 112 to assist in thedetermination of whether an alarm condition exists and thereby whetherto generate and send an alarm signal to the security system server 131.For example, in one embodiment, sensors 105 such as motion detectors,infra-red and audio sensors may be replaced by an intelligent alarmmodule that is able to detect motion or intrusion by analyzing the videoimage generated from camera 112. In another embodiment, security gateway115 may analyze images from camera 112 and audio sound from an audiosensor 105 to detect an alarm condition. In some embodiments, thesensitivity of system 100 may be adjusted to account for the size andspeed of intruders. For example, system 100 may be adjusted to triggeran alarm if a person walks across a monitored area but not a dog walkingacross the same area. Advantageously, a visual intelligent securitysystem based on changes in the video image eliminates the need for manysometimes-expensive hardware sensors. Intelligent alarm applicationstypically require a significant amount of processing by security gateway115, but may be easier to setup, maintain and upgrade since they aregenerally programmable. In one embodiment described below in greaterdetail, security gateway 115 may include a processor and memory torecord and process video information for the intelligent alarmapplication.

The alarm video sent to the security system server 131 preferably beginsat least just prior to the occurrence of the alarm condition and may endupon after the conclusion of the alarm condition, or alternatively,after a specified duration. Preferably, the segment shows enough of atime period to provide monitoring personnel with enough information todetermine whether the alarm signal is a false alarm or not. In someembodiments, the segment of real-time video may be compressed using anycompression techniques known by one of skill in the art. For example,this may involve the use of video compression algorithms such as “mpeg.”Further, the resolution and/or color depth of the video may be reducedto reduce the required transmission bandwidth.

In one embodiment, alarm video is transmitted at least 3 frames persecond. In addition, the alarm video may have an end resolution (i.e.,after interpolation and/or image enhancement, etc.) of 320 pixels by 240pixels or higher, and optionally may be transmitted in color. Further,said alarm video may but is not required to include a correspondingaudio portion.

It is noted that the present invention is not limited to any particularaudio, video, or communications standards. The present invention mayincorporate any such standards, including, without limitation: H.323,ADPCM, H.263, MPEG, UDP, and TCP/IP.

In some embodiments, security gateway 115 may be installed similar to aconventional security system, e.g., mounted between studs in anunfinished area of the residence, for example a utility room.Preferably, cabling to security gateway 115 is restrained such that thecables cannot be pulled out of the unit, and security gateway 115 panelmay be in a cabinet that can be locked to prevent unauthorized physicalaccess.

In addition, because security gateway 115 is coupled to a network 120,it may be desirable to implement precautions to minimize risk fromhackers, e.g., by minimizing the number of access points for hackers whomight try to gain access to the unit. In addition, communication withsecurity gateway 115 may be restricted and security gateway 115 maystrictly control access, similar to a firewall with most ports blockedand having no external way to open them.

In addition, some embodiments of the present invention may include thefunctionality to allow access to security gateway 115 and securitysystem server 131 using a remote station 155 operatively coupled tosecurity gateway 115 and security system server 131. Remote user 155must first be authenticated by security system server 131. It is notedthat the present invention contemplates the use of any authenticationtechniques. Once authenticated, remote user may access some or all ofthe features of base station 115. These features may include, withoutlimitation, arming or disarming the security system; adjustingsensitivities of sensors (if present); adjusting alarm conditiondetection sensitivity; remote surveillance; adjusting camera settings;and reviewing alarms and recordings. These functions may also includeremote surveillance, referred to as “lifestyle video.”

Remote user 155 may connect to security system server 131 and basestation 115 (after authentication) through network 120. Because a remoteuser does not necessarily need real-time access to alarm video, alow-bandwidth connection may be used to connect remote station 155 tosecurity system server 131 and base station 115. After authentication,security system server 131 may be configured to create a data connectionbetween remote station 155 and security gateway 115 such thatcommunications between remote station 155 and security gateway 115bypass security system server 131. Advantageously, this avoids networkbottlenecks at the security system server 131, particularly whentransmitting large amounts of data such as during the transmission ofstreaming video.

In one embodiment, remote user 155, once authenticated, may performremote surveillance through base station 115. The remote surveillancefeature allows remote user 155 to view all or portions of the videosignal from video camera 112. Depending on the bandwidth of theconnection, the video may be of a lower quality than that transmitted tosecurity system server 131 for verification of alarm signals. Forexample, in one embodiment, the video transmitted to remote user 155 mayhave a lower frame rate, lower resolution, and/or lower color depth. Inaddition, remote user 155 may be able to configure the quality of thevideo for remote monitoring. To address privacy concerns, an audio orvisual indicator may be included to allow occupants at the premises toknow that they are under remote surveillance.

In some embodiments, security gateway 115 may include a secondary alarmnotification for transmitting alarm notifications to the security systemserver 131 through a secondary network. Such a system providesadditional security in the event the primary system is damaged due to,for example, an accident, sabotage, or system failure. For example, thesecondary network may include the public switched telephone network fortransmitting alarm notification to security system server 131. Otherexamples of the secondary network include, without limitation, a fixedwireless network or mobile communications network.

In these embodiments, alarm notification may be sent at approximatelythe same time (or substantially simultaneously) through both network 120and the secondary alarm notification network. Advantageously, thisensures that the security system server 131 is alerted of the alarmcondition as early as possible.

In addition, security system server 131 may be operable to detectwhether security gateway 115 is properly coupled to it. For example, inone embodiment, security system server 131 may “ping” security gateway115 on a regular basis through network; if security system server 131does not receive a response from security gateway 115, monitoringpersonnel at security system server 131 can take appropriate action. Inthis embodiment, it is preferable that security system server 131 mayping security gateway 115 with enough frequency such that appropriateaction may be taken in a timely manner if security gateway 115 becomesuncoupled from security system server 131. More particularly, securitysystem server 131 may be configured to ping security gateway 115 atleast once every minute. Alternatively, the security gateway 115 may beconfigured to send a periodic heartbeat notification to the securitysystem server 131. In these embodiments, the security system server 131would expect to receive a heartbeat notification message once duringeach predefined interval. If a heartbeat message is not received, thesecurity system server 131 would know that there may be a problem, andmonitoring personnel may take the appropriate follow up action, such ascontact the person responsible for the premises.

Additionally, security gateway 115 may be configured to detect if itsnetwork connectivity is lost, and send notification to the securitysystem server 131 via the secondary backup. If network connectivity islost while the system is disarmed, but the system is armed beforenetwork connectivity is restored, notification is again via thesecondary alarm notification network.

FIG. 2 depicts an embodiment of the present invention where the securitysystem server 131 and monitoring client 133 are located at two separatelocations—namely, a data center 132 and a central monitoring station(“CMS”) 136. As shown, security gateway 115 is operatively coupled todata center 132 through network 120, which is, in turn, operativelycoupled to central monitoring station 136 through network 134. Any alarmnotification and video information sent by security gateway 115 istransmitted to the security system server 131 at the data center 132.The security system server 131 logs the alarm notification and retrievesinformation about the customer, which may include, without limitation,any prior alarm notifications or events. The security system server 131also transmits the alarm notification and video information, along withany additional information, to the central monitoring station 136, whereit may be displayed on monitoring client 133. One or more operators atthe CMS 136 may then use this information to determine if an alarmcondition exists.

CMS 136 generally is a centralized monitoring facility containing one ormore monitoring clients 133 and staffed by monitoring personnel. Inparticular, CMS 136 may be staffed by one or more monitoring agents oroperators that are trained to review alarm video on monitoring client133 and determine whether an alarm condition exists. Because of thesensitive nature of the job, it may be desirable that access tooperations rooms at the CMS 136 be restricted, and employees working atCMS 136 be subjected to drug testing and reference and backgroundchecks. In addition, in some states, security system employees must beregistered for security monitoring, which may require submission offingerprints as well as a criminal background check against bothDepartment of Public Safety and FBI records. With respect to training,it may be desirable for CMS 136 personnel to attend Securities IndustryAssociation (SIA) training, which includes basic alarm system trainingas well as training on the security system server 131 and the telephonesystem.

Monitoring client 133 notifies monitoring personnel of alarm conditionsand manages responses to these events. In addition, monitoring operatorsmay use monitoring client 133 to retrieve customer information, passcodes, and provide summaries of previous events. Monitoring operatorsmay access audio and video data associated with the current alarmcondition. Monitoring client 133 may also allow monitoring personnel toreview audio and video content associated with closed (i.e. historical)alarm conditions. Though the central monitoring station may be describedconceptually as “centralized,” it may actually consists of severalphysically distributed locations.

In addition, with the configuration depicted in FIG. 2,technology-intensive equipment including the security system server 131may be kept in the data center 132 where physical access to data center132 may be strictly controlled. Advantageously, in this configuration,non-technical personnel may be kept away from the sophisticated andexpensive equipment in the data center 132, and the non-security-relatedpersonnel would not have access to sensitive alarm videos.

In the illustrative embodiment, communications between security gateway115, data center 132, and CMS 136 occurs through a combination of publicand private networks. In particular, security gateway 115 is coupled todata center 132, which is coupled to CMS 136 through network 134. In oneembodiment, network 120 is a publicly available network and network 134is a dedicated network, such as a leased line, frame relay network, orATM network. Advantageously, maintaining dedicated lines between headend320 and data center 132 and between data center 132 and monitoringclient 133 provides a secure connection from headend 320 to monitoringclient 133. In another embodiment, not shown, data center 132 may becoupled to CMS 136 through network 120.

In addition, in some embodiments, part or all of central monitoringstation 136 may be implemented in a redundant manner at differentnetwork locations, as discussed below with respect to FIG. 4.

Uninterruptible power supplies and/or backup generators may be used atthe data center 132 and central monitoring station 136 to protectagainst power surges and blackouts. In addition, in some embodiments,the perimeter of the operations rooms at the data center 132 and centralmonitoring station 136 is fire resistant. Also, in some embodiments,data center 132 and CMS 136 may be implemented in several locations. The“data center” would then refer to the aggregate of all of them and theblock diagram would show the conceptual relationship. Also, data center132 and CMS 136 may have redundant systems to guard against failure. Inaddition, in some embodiments, data center 132 and CMS 136 may becoupled through separate redundant connections. Advantageously, the useof some or all of the preceding precautions helps to ensure that thesystem perform reliably even in the face of disaster conditions.

In other embodiments, not shown, the security system may include aplurality of distributed monitoring clients 133, which may be located atone or more locations, coupled to security system server 131. One ormore of such monitoring clients 133 may be located at a centralmonitoring station, but some monitoring clients 133 may be located atother locations. In one embodiment, at least some of the monitoringclients 133 are coupled to the security system server 131 through theInternet. With all such embodiments, security system server 131 mayroute an alarm notification and alarm video to one or more monitoringclients 133 based using rules-based routing. For example, an alarmnotification and related video may be delivered to one or moremonitoring clients 133 that have the current availability to reviewthem. Other criteria that may be considered by a rules-based routingengine include, but are not limited to, geographical location of themonitoring client 133, skills of the monitoring client 133, and networkefficiencies.

As shown in FIG. 3, some embodiments of the present inventioncontemplate the use of the cable television infrastructure (which mayinclude, without limitation, HFC plant 315 and cable headend 320) andcable modem technology for the broadband transmission and receipt ofinformation. As shown, security gateway 11S may be coupled throughheadend 320 to a security system server 131, which is further coupled tomonitoring client 133. In a typical configuration, numerous securitygateways 115 would be connected to a single headend 320. Similarly,several headends 320 may be coupled to each security system server 131.

Advantageously, the broadband connection provided by a cable modemconnection provides the high throughput that is required fortransferring large amounts of data, as is required when transmittingvideo. Accordingly, high-quality video may be transmitted from thesecurity gateway 115 in substantially real-time to security systemserver 131, where it may be distributed to monitoring client 133. Thisallows personnel using monitoring 133 to review the video while there isstill time to take action. A further advantage is that the cableinfrastructure is already in place for many homes and businesses,reducing installation costs.

There are two main cable modem standards, the Multimedia Cable NetworkSystem (MCNS)'s Data Over Cable Service Interface Specification(DOCSIS), and the 802.14 from the Institute of Electronics andElectrical Engineering (IEEE), which are hereby incorporated byreference. The present invention contemplates the use of these and othercable modem standards.

In a typical large market cable network, a regional cable headend 320(typically serving up to 200,000 to 400,000 homes) feeds distributionhubs (each serving up to 20,000 to 40,000 homes) through a metropolitanfiber ring. At the distribution hub, signals are modulated onto analogcarriers and then transported over fiber-optic lines to nodes (notshown) serving up to 500 to 1,000 locations. From the node, thesesignals are carried via coaxial cable to a home or business.

Headend 320 receives television signals via satellite and localbroadcast and converts them to signals that can be sent over coaxialcable to subscribers. To deliver digital data, headend 320 controllermodulates the IP packets, encodes them as a digital signal, andbroadcasts the signal down the cable on an unused channel. The cablemodem demodulates the incoming signal and translates it back into IPpackets the computer can understand. The cable modem also sends dataupstream to the Internet through the cable system. At the user location,the television signal is received by a set-top box, while user data isseparately received by a cable modem box.

Older cable networks used a large amount of coaxial cable (in atree-and-branch topology) with the associated need for many amplifiers.Many modern networks, such as the one depicted, operate over a hybridfiber/coax (HFC) plant 315, with increasingly high fiber content, comingwithin a few hundred meters of subscribers' locations. In particular,they may have fiber-optic backbones that terminate in fiber coaxialneighborhood node. The combination of deeper fiber penetration in thecable access network combined with modern digital modulation techniqueshas increased the bandwidth that can be delivered to cable customers. Itis noted that other cable infrastructures may be used without departingfrom the scope of the invention.

Still referring to FIG. 3, headend 320 includes a connection to securitysystem server 131 through network 325. In some embodiments, theconnection between headend 320 and security system server 131 is adedicated and/or guaranteed connection, such as through a frame relaynetwork (as shown). An advantage to having such a connection is a levelof service and/or bandwidth that may be difficult to obtain over publicnetworks such as the Internet. Specifically, with existing TCP/IPnetwork such as the Internet, a degree of latency and unpredictabilityare often unavoidable. However, in some embodiments, such latency andunpredictability may be acceptable.

In other embodiments, other broadband infrastructures such as DSL,fiber, and wireless may be used without departing from the scope of theinvention. In such other embodiments, it may be desirable to have adedicated or private connection to the security system server 131 froman aggregation point in the infrastructure (such as the cable headend incable modem networks, and the DSLAM in DSL networks).

Embodiments of the present invention may incorporate redundancy for someor all of the components of the security system 100 to ensure that alarmconditions are responded to as quickly as possible, even in the event ofpartial system failure. FIG. 4 illustrates one such embodiment. Asshown, both the data centers 132 and central monitoring stations 136 areimplemented redundantly. It is understood by one of skill in the artthat the present invention is not limited to the architecture depictedin FIG. 4. Any other existing or future redundancy or load-balancingtechnology may be used without departing from the scope of the presentinvention.

Referring now to FIG. 5, a flowchart diagram is shown illustrating theoperation of a security system as described above, according to oneembodiment of the present invention.

In step 510 security gateway 115 detects an alarm conditioncorresponding to a possible alarm event. This may result from atriggered sensor, analysis of recorded video, the pressing of a panicbutton, or any combination thereof. Optionally, upon detection of analarm condition, security gateway 115 may activate 515 a siren, ring abell, and/or otherwise sound an audio alarm on the premises.Advantageously, this may scare away any intruder(s) while an operator atthe central monitoring station verifies the alarm signal. As a furtheroption, after security gateway 115 detects an alarm, either the securitygateway 115 or security system server 131 may also transmit the alarmsignal and alarm video corresponding to the alarm conditionautomatically to customer (whose home, business, or other location isbeing monitored) at an email address by any other electronic means.

In step 520, upon detection of an alarm event 510, alarm information maybe sent from security gateway 115 to the security system server 131 andmay include a notification of the alarm event and information relatingto the alarm event, which may include alarm video. In the presentdisclosure, the term “alarm video” shall mean generally a segment ofvideo corresponding in time to an alarm condition and may include audio.The alarm information may, but is not required to, contain informationregarding the detected alarm event including, but not limited to, thetype of sensor that detected it, and data from that sensor regarding thedetected alarm condition. In addition, security gateway 115 may, at thesame time, notify alarm receiver 740 at the central monitoring station136 of the alarm event through the secondary alarm channel (PSTN 145).Since this secondary notification channel is typically a low-bandwidthconnection, alarm video is generally not sent. However, in someembodiments, audio and other additional lower-bandwidth-intensive datais sent through PSTN 145. In these embodiments, alarm receiver 740alerts security system server 131 and one or more monitoring clients 133of the alarm condition at premises 110.

The primary means of this notification is through network 120. However,as discussed above, a secondary alarm notification may be used. When thesecondary PSTN alarm notification is used, the security gateway may beconfigured to seize the telephone line to report the alarm to amonitoring client 133. Typically, the secondary alarm network is oflow-bandwidth. Accordingly, only the alarm notification is sent.However, in some embodiments, a higher bandwidth network may be used forthe secondary alarm notification. In such cases, the alarm video mayalso be sent.

After receiving alarm notification 520, security system server 131relays the notification to one or more monitoring clients 133. Thesecurity system server 131 may also be configured to automaticallyretrieve stored data regarding the premises 110, the customer, or bothand provide it to the monitoring clients 133. Such information mayinclude, without limitation, an alarm history, whether the customer ison vacation, and any other information that the system may be configuredto store.

In step 530, monitoring client 133 notifies a monitoring operator ofalarm conditions and managing responses to these events. Preferably, thealarm video is received and displayed by monitoring client 133 closelyin time to the detection of the alarm condition such that if follow upaction is necessary, it can take place in a timely manner. For example,if security gateway 115 detects an alarm condition corresponding to apossible fire, it is imperative monitoring personnel notify firedepartment as quickly as possible.

CMS operators can retrieve customer contact information, pass codes, andsummaries of previous events. In addition, CMS operators can also accessaudio and video associated with the current alarm condition. Operatorscan access live audio and video from the home, and the operator canswitch between available cameras and control the muting of individualmicrophones. In addition, in certain circumstances video from non-alarmconditions may also be viewed—for example, with an exterior camera 112,positioned at the front door of a residence. In some embodiments, due toprivacy concerns, monitoring client 133 may be configured to only allowdisplay audio and video content associated with an open alarmconditions. Once the alarm condition has been closed by an operator,that content may no longer be made available for viewing. Optionally,monitoring client 133 may be configured to provided to CMS monitoringpersonnel for viewing video and audio content associated with closed(i.e. historical) alarm conditions. However, it other embodiments, itmay be desirable that CMS personnel be able to view certain non-alarmvideo to aid in verifying an alarm condition. For example, in oneembodiment, during the time an alarm condition remains open, CMSpersonnel may view non-alarm video that is related to the alarmcondition. In addition, controls can be implemented to address privacyconcerns. An example includes, but is not limited to, only providingnon-alarm video recorded during the time the security system is armed.It is noted that in some embodiments of the present invention, video isonly recorded when the system is armed. However, the present inventionis not limited as such.

In step 535, a monitoring person or monitoring personnel staffing themonitoring client 133 verifies whether the alarm signal corresponds toan actual alarm condition using the alarm signal information and thesegment of real-time video. In some instances, the alarm video isindeterminate as to whether the alarm signal corresponds to a falsealarm. Advantageously, various embodiments of the present inventionaddress this problem. For example, monitoring client 131 may beconfigured to allow monitoring personnel to request additional video orinformation 560 from security gateway 115 and/or security system server131. In addition, the monitoring client 133 may be configured toinitiate two-way audio communication with the monitored location toallow the monitoring personnel to attempt to obtain more information.Alternatively, monitoring personnel may call the monitored location orthe customer at a contact number to try to determine whether the alarmsignal is false. In some embodiments, indeterminate alarm signals may betreated as authentic.

If the alarm signal is deemed to be false, the monitoring client 133 mayinform security gateway 115 of this designation such that securitygateway 115 can take any appropriate follow up action(s). For example,security gateway 115 may immediately turn off any siren, bell, or otheraudio alarm 550. Other examples include but are not limited to securitygateway 115 resetting itself, logging the event, and/or adjusting itssensitivity settings to try to avoid future false alarms 555. Further,data center 132 may be configured to either manually and/orautomatically adjust said sensitivity settings to potentially avoidfuture false alarms 555.

If the alarm signal is deemed not to be a false alarm, monitoringpersonnel may take the appropriate follow-up action. Typically, thisincludes notifying the customer 540 and contacting the appropriateauthorities 545, which may be the police department, emergency medicaldispatch, or any other public safety agency. Advantageously, suchauthorities may be inclined to respond more promptly and/or with ahigher sense of urgency because the probability of the alarm being falseis reduced.

In some embodiments, the security system of the present invention mayintegrate directly with the systems of various emergency responseagencies. For example in one embodiment, upon verification of an alarmcondition at the central monitoring station, an alarm notification andalarm video may be transmitted directly into a police dispatch system.

FIG. 6 illustrates an exemplary embodiment of the security gateway. Asshown, security gateway 115 may include alarm control panel 610, videomodule 620, user interface 650, communications interface 640, and audiointerface 630. As shown, the components of security gateway 115 areconfigured to communicate with one another through system bus 605. Inother embodiments, some or all of the components may be directlyconnected or otherwise operatively coupled to one another.

Alarm control panel 610 performs many of the same functions astraditional alarm control panel. For example, alarm control panel 610interfaces with one or more sensors 105, which may be wired or wireless.In some embodiments, not shown, it may include an interface to the PSTN145. However, as shown, the interface to the PSTN may be contained inthe communications interface 640 instead of the alarm control panel 610.The alarm control panel 610 is preferably capable of operation inisolation as per UL requirements for residential fire applications andresidential burglary operations. Alarm control panel 610 is furthercapable of continuing to operate in the traditional manner regardless ofthe state of the video subsystem. In an exemplary embodiment of thepresent invention, alarm control panel 610 is a COTS unit.

Further, alarm control panel 610 may be configured to communicate withthe other components of the security system to monitor their operationalstate. Information that the alarm control panel 610 may receiveincludes, but is not limited to, whether security gateway 115 cancommunicate with the security system server through the communicationsinterface 640, information about AC power failure, trouble by zone, firetrouble, telephone line trouble, low battery, bell output trouble, lossof internal clock, tamper by zone, fail to communicate, module fault,camera trouble, and intercom trouble. The detected operational failureof any component in security gateway 115 may be indicated by acommunications loss between components and a concurrent alarm conditionreported by alarm control panel 610 and displayed for the user on userinterface 650 or announced through audio interface 630. In addition, anydetected operation failures may be communicated to the security systemserver through communications interface 640. Alarm control panel 610 mayalso be configured to record alarm conditions and associated data inmemory. The security system server may also be configured to recordalarm conditions and associated data in addition to or in lieu of alarmcontrol panel 610 doing so. In other embodiments, other components ofsecurity gateway 115 may be configured to perform this function. Forexample, in one embodiment, video module 620 records alarm conditionsand the associated data.

Video module 620 may perform many functions including but not limited toanalyzing data from alarm sensor 105 and/or video camera 112 todetermine whether an alarm condition exists; accessing data stored inmemory; generating alarm video to transmit to security system server 131in response to detection of an alarm condition; and communicating withsecurity system server 131 and remote user 155 through communicationsinterface 640. In addition, video module 620 may buffer video from videocameras 112 in memory. Then, based on predefined criteria, older videothat is not considered essential to any alarm signals may be discarded.Video module 620 may also be configured to record video, or portionsthereof, on a predetermined basis, which may correspond, for example, tothe requirements of the customer. Non-alarm video may be stored forlater retrieval by the customer. In one embodiment, the customer orremote user 155 may able to adjust said predetermined basis including,without limitation, adjusting the recording times, duration, and totallength of recordings. In some embodiments, non-alarm video may also besent to the security system server for storage.

Video module 620 is also capable of streaming live audio and video fromthe residence during alarm conditions, as well as for lifestyle viewingover the World Wide Web. If a video camera 112 is analog, video module620 may digitize the video before transmitting it. While streaming livemedia for lifestyle viewing, video module 620 causes alarm control panel610 and/or speakers 638 to emit an audible tone on a periodic basis.This notification is to address privacy concerns. No firewall orintrusion software is running on video module 620. Video module 620accepts network traffic on a limited number of ports (443, 2804, 7070).Typically the IP address of security gateway 115 may be assigned viaDHCP.

Video module 620 may include a PC motherboard, a four-gigabyte hard diskdrive, and a digital signal processor. The operating system for videomodule 620 is embedded Windows NT™. Video entering into video module 620from security cameras 112 is in either CVBS, NTSC, or PAL format. Videocompression may be based on the H.263 format. The audio compressionstandard for video module 620 may be ADPCM (16 Kbps). When securitysystem 100 is armed, audio and video data are constantly being stored inthe video module's memory for potential use as pre-event media. In oneparticular embodiment, video module 620 contains enough memory to storesixty seconds of pre-alarm video and audio from each camera 112 andmicrophone 634 in RAM and up to five minutes of audio/video content (percamera 112) on disk. When an alarm condition occurs, this cached datamay be stored more permanently.

In one embodiment, system 100 may include one or more “smart cameras”that have much of the functionality of the Video Module built in.Specifically, these smart cameras may be operable to perform videocapture, compression and storage and to communicate with the securitygateway using a home area network, e.g., wireless or power-line. Inessence, the smart camera would function as a network appliance that isable to receive instructions from the security gateway to control thesession, FPS, quality, bandwidth, support other supervised communicationfrom the gateway, and to transmit video and other information to thesecurity gateway. In one specific embodiment, the smart cameracompresses the video using the H.263 standard or better. Preferably,transmission between the camera and security gateway should be secureand reliable, even taking into account the relatively noisy householdenvironment. Optionally, the smart camera is operable to detect motionin the recorded image and send an alarm signal to the security gateway.

Audio interface 630 performs a similar function to video module 620 butwith respect to the audio components. In this embodiment, audiointerface 630 includes an audio transmitter, such as a speaker 638, andan audio receiver, such as a microphone 634. In a typical configuration,several microphones and speakers would be located throughout themonitored premises. The audio signals picked up by microphone(s) 634 arerecorded through audio interface 630. Audio interface 630 may record theaudio or it may transmit the audio to video module 620 for storage.Audio interface 630 may be capable of selecting an individual audioinput 634 or any combination of audio inputs 634. Further, audiointerface may play back audio signals through speaker(s) 638. In someembodiments of the present invention, a two-way streaming audio streammay be initiated between a remote user (such as a remote client ormonitoring station personnel) and the premises through audio interface630. In one embodiment, the H.323 standard is used for such two-waystreaming audio stream. Advantageously, the two-way audio stream allowsthe remote user to interact with the premises.

Communications interface 640 may serve as the gateway between securitygateway 115 and one or more communications networks such as the HFCplant 315, PSTN 145, WAN, LAN, and wireless networks. Communicationsinterface 640 may comprise software and hardware including, but notlimited to a cable modem, an xDSL modem, and/or a network interfacecard. In some embodiments, communications interface 640 may bephysically separate from the other components of security gateway 115.Regardless of its form, communications interface 640 assists in thecommunication of data to and security gateway 115 and security systemserver 131.

In one particular embodiment, upon detection of an alarm event, thealarm control panel 610 subsystem may initiate a dial-up connection andtransmit the alarm to a receiver in security system server 131. Moreparticularly, alarm control panel 610 may seize the telephone line inorder to report the alarm to monitoring client 133. Alternatively, suchfunctionality may be performed by communications interface 640. Fordelivering an alarm notification via the network, the video subsystem620 may initiate a network connection and transmits the alarm to areceiver in security system server 131. Compressed audio and video datamay also be transmitted. To conserve bandwidth, compressed audio streamstypically do not exceed 16 kbps, since audio is “toll quality” so thatboth parties may easily understand each other. Preferably, the video andaudio is playable with less than a 1-second shift in synchronization.

In addition, security gateway 115 may include user interface 650 thatcan activate or deactivate security system 100. In the illustrativeembodiment, user interface 650 is operatively coupled to keypad 657. Theuser could thereby activate or deactivate system 110 by entering apredetermined code on keypad 657. It will be understood with the benefitof this disclosure of those of skill in the art that any other type ofuser interface 650 may be used with this invention. For example,security gateway 115 may be activated or deactivated with a remoteportable transmitter 655. Wireless remote 655 communicates with userinterface 650 via wireless transceiver 652. Additional receivers may beused with the present invention to pick up weak signals. Securitygateway 115 is further capable of responding to up to 16 wirelessf-button key fobs for changing partition states of security system 100.The key fobs do not use any of the 32 wireless zones, and each key fobis identified to security gateway 115 as a unique user.

User interface 650 may further include a display for displayinginformation to the user. Such information may include, withoutlimitation, the current system status, whether an alarm condition hasbeen detected, and whether any components have failed. In addition,other non-system-related information such as the time, date, weatherforecasts, and news bulletins may be displayed.

In some embodiments, alarm control panel 610 supports dialup access byauthorized users to remotely configure the system. However, thepreferred mode of configuration is through a web site discussed belowwith respect to FIG. 7.

FIG. 7 is a more detailed illustration of the various components of thesecurity system server and monitoring station, according to oneembodiment of the present invention. These components may be softwareprograms executable on processor-based devices operable to communicatewith one another through LAN 705 and LAN 745, respectively. In oneparticular embodiment, these components are processor-based devicesoperating under the Microsoft Windows NT™ operating system. However, itis understood that the present invention is not limited to theillustrated configuration. For example, the components may beimplemented as software running on one or more computing devices.Alternatively, the components may be implemented in several devices thatmay be directly connected via communications interfaces (e.g., serial,parallel, IEEE 1394, IR, RF or USB).

As shown, security system server 131 may comprise alarm receiver 710,media handler 715, automation system server 720, web interface 732,application server 734 and messaging interface 738.

Alarm receiver 710 receives the alarm notification and associatedinformation from security gateway 115. The alarm event is then loggedand recorded by automation system server 720.

Alarm events reported by security gateway 115 via the PSTN are also sentto legacy alarm receiver 740. Legacy alarm receiver 740 posts the alarmcondition to automation system server 720. Monitoring client 133retrieves audio and video data from media handler 710. In one particularembodiment, the monitoring client 133 retrieves the audio and video datafrom media handler 710 using Microsoft's ActiveX component. In otherembodiments, other media handling/communications protocols may be used,including, without limitation, custom protocols. The communicationsprotocol is used to transmit audio and video content from media handler710, submit control messages (for selecting cameras, microphones, andspeakers during live feeds), and support Voice Over IP (VOIP) servicesbetween the residence and monitoring client 133 during an alarmcondition.

Automation system server 720 is generally configured to store customerdata, for example contact information, billing information, passwords,as well as alarm history. Alternatively, some or all of this informationbe stored in monitoring client 133 or at another remote site. Since thisdata is usually low bandwidth, dedicated bandwidth may not be necessary.However, it may be desirable for security purposes for it to remain indata center 132. Automation system server 720 may also serve as aworkflow system for operators responding to alarm conditions, as well asa log of all monitoring activity. In an exemplary embodiment, automationsystem server 720 is a database application based on, for exampleMicrosoft SQL Server 7, running under Windows NT. In another embodiment,automation system server 720 may be Monitoring Automation Systems'MAStermind™ server. CMS personnel may interface with automation systemserver 720 over the network via a client application, which may be builtinto monitoring client 133.

Media handler 710 is generally operable to provide several functions.For example, media handler 710 receives and stores video and audio dataassociated with alarm conditions from security gateway 115 and relaysalarm condition data, for example audio and video, to monitoring client133. Media handler 710 may also be responsible for keeping track of thenetwork addresses for all the security gateways 115 that are attached.For example, media handler 710 relays alarm conditions reported viaTCP/IP from security gateway 115 to automation system server 720. Mediahandler 710 may also provide access to audio and video associated withalarm conditions to authorized personnel for a predetermined time periodafter an alarm condition is detected. Additionally, media handler 710may relay control and configuration data destined for security gateways115. This data may originate either from a CMS operator throughmonitoring client 133 or from a remote client 155. The communicationsprotocol between monitoring client 133 and media handler 710 may beproprietary and/or may use standard protocols.

In most embodiments, the communication channel 134 between the datacenter and central monitoring station is secure, and accordingly, anunencrypted protocol may be used. In one particular embodiment, anunencrypted ASCII protocol over a TCP/IP connection may be used. Inconfigurations where the connection between the security system serverand monitoring client(s) is not secure, it may be desirable to use anencrypted protocol.

The connection between headend 320 and media handler 710 is preferably asecure communications link. Communication between security gateway 115and media handler 710 may be conducted over the cable modeminfrastructure using, for example, the TCP/IP or UDP protocol. Thecommunications protocol between security gateway 115 and media handler710 may provide secondary pathways for transmitting alarm notifications,relays configuration information to security gateway 115 (includingcontrol messages for arming and disarming partitions, bypassing zones,and selecting cameras, microphones, and speakers for live feeds),uploading pre-event and relevant non-alarm audio and video to mediahandler 710 during an alarm condition, transmitting live video and audioduring an alarm condition, supporting voice over IP (VOIP) servicesbetween the residence and monitoring client 133 during an alarmcondition, and performing software updates.

In the illustrative embodiment, upon detection of an alarm condition,security gateway 115 transmits an alarm signal and video correspondingto the alarm condition (this video may be referred to as “alarm video”)through headend 320 to media handler 710, which relays the informationto the central station in substantially “real-time.” In addition, alarmcontrol panel 610 reports the alarm condition to the security gateway'svideo module 620, which uses a network connection to report the alarmcondition to media handler 710, which in turn relays the information toautomation system server 720. In the present disclosure, the term“real-time” transmission is intended to generally mean that nosubstantive time period events between the captured event and thereceipt of alarm video corresponding to the event by monitoring client133. In an exemplary embodiment, automation system server 720 will,then, receive two notifications of every alarm condition. Automationsystem server 720 is capable of recognizing multiple notifications ofthe same alarm condition, and may ignore all but the first notification.Automation system server 720 transmits the alarm condition data andnotification to monitoring client 133. Monitoring client 133 may use thetransmitted alarm video to aid in the determination of whether the alarmsignal is a false alarm or not. Advantageously, the real-timetransmission permits central monitoring station 136 to respond to analarm signal in a timely manner. Timely response may increase the chanceof apprehending an intruder, and in the case of life-threateningcircumstances, reduce the likelihood of injury or death. Uponverification of the alarm signal, an operator at security system server131 may take any appropriate action including, but not limited to,contacting the proper authorities, and/or directing security gateway 115to sound an alarm.

Messaging interface 738 provides remote clients 155 with the ability toview and edit account information, arm and disarm their security system100, and view live and recorded media from their home, all through anetwork-based interface. In many embodiments, this network-basedinterface is an Internet website, or a portion of a website. After theremote user is authenticated, application server 734 provides and/orfacilitates the features available to remote client 155 throughmessaging interface 738. The particular features that are made availableare a design decision that may vary based upon several factors, whichmay include, without limitation, the permissions of the remote user andthe type of premises that is monitored. In one specific embodiment,application server 734 may run Dynamo under the Solaris operatingsystem.

In one particular embodiment, a three-tier architecture may be used toprovide such an interface. The first tier may consist of web serversrunning Internet Information Server (IIS) on Windows NT™, which isresponsible for static web content such as images. Requests for dynamiccontent may be forwarded to application server 734. Application server734 generally provides or facilitates all of the functionality that isaccessible to remote clients 155. The third tier is a database tier,that may be provided by automation system server 720. Data storage maybe, for example, a billing database. Authorized users may receiveinformation from the database regarding their account by accessingdatabase server 736.

Application server 734 may access automation system server 720 to obtainaccount information and issue commands ultimately destined for securitygateway 115. Communication between application server 734 and automationsystem server 720 may take the form of calls to stored proceduresdefined in the master database maintained by automation system server720.

In one particular embodiment, remote client 155 includes aweb-browser-based video client for accessing audio and video data.Typically, the web based video client is a web browser or a plug-in fora web browser. However, in some embodiments (not shown), a customsoftware program may be used to interface with web interface 732. Accessto web interface 732 requires successful authentication in the form of ausername and password. Preferably, all account-specific web content,including the login request, employs the secure HTTP protocol. In oneembodiment, each customer may be assigned a GeneralAdministrator (GA)account. GA accounts have full access to their respective associatedsecurity gateway 115. The GA account can also create a limited number ofguest accounts that have limited access to their respective associatedsecurity gateway 115. Typically, all account information is storedthrough automation system server 720, including surnames and passwords.Web interface 732 retrieves account data from automation system server720 for display via the Web, by means of one or more stored procedures.The GA can modify a subset of this account data and update thecorresponding entries in automation system server 720.

After the remote client 155 is authenticated, application server 734 maybe configured to allow a remote client 155 to view audio/visual contentfrom security gateway 115, communicate with automation system server 720to access customer data, and access features of the security system 100.In one embodiment, such features may include, without limitation, armingor disarming security system 100; adjusting sensitivities of sensors 105(if present); adjusting alarm condition detection sensitivity; remotesurveillance; adjusting camera 112 settings; and reviewing alarms andrecordings.

In particular, application server 734 may allow remote client 155 toaccess media directly from security gateway 115, as discussed below withrespect to FIG. 8. In one embodiment, a live feed from the residence isavailable with the ability to select among cameras 112 and microphones634. In some embodiments, only video from certain specified cameras isaccessible for remote clients. In addition, for privacy purposes, it maydesirable to provide an audible or visual indication that a remote useris receiving a video/audio feed. In some embodiments, application server734 may be configured to allow a remote client 155 to initiate a two-waystreaming audio connection with the security gateway 115 so that theremote client 155 can communicate through the speaker(s) andmicrophone(s) attached to security gateway 115.

Security gateway 115 may be configured to limit the transmission of alldata (heartbeat, control, video, and audio) to a configurable ceilingrelating to the remote client 155 access. Advantageously, this mayprovide the necessary amount of bandwidth to deliver the requestedservices, but prevents one user from creating a network bottleneck byrequesting too much data at once. In one embodiment, a 128 kbpstransmission ceiling is imposed. Access by web based video client 157 tosecurity gateway 115 may be preempted whenever an alarm condition occursso that CMS personnel have full control over cameras 112 and microphones634 to respond to the alarm condition.

Referring now to FIG. 8 a flowchart diagram is shown illustratingoperation of the present invention authenticating and allowing remoteaccess to features of security system. In particular, through anassociated website (provided through messaging interface 738 andapplication server 734), remote users may access such features asviewing and editing account information, arming and disarming theirsecurity system 100, and viewing live and recorded media from thepremises. The web browser/website interface transmits customer accountand authorization information.

In step 905, remote terminal 155 may connect to the website. In anexemplary embodiment, remote terminal 155 may connect using an InternetWorld Wide Web browser such as Netscape's NAVIGATOR or Microsoft'sINTERNET EXPLORER.

In step 910, remote user 155 provides the website with identificationinformation, for example a username and password. The type ofauthentication used in remote authorization may take many forms. Forexample, in one embodiment the media handler may require some sort of ausername and password combination. Further, it is to be understood bythe disclosure of one of skill in the art that any other proceduresuitable for authenticating the identity of remote terminal may be used.

The website interfaces with authentication system server 720 to verifythe identification information in step 920. If the information isdetermined to not be authentic in step 925, then remote user 155 isdenied access. In one outcome of step 925, remote user 155 is deniedaccess to security gateway 115 and its features. Precautions againstunauthorized access may be implemented, including, but not limited to,logging incidents of denied access.

If the information is correct, the user may access the account portionof the website 940. There, the user may change system settings such asusername and password, review alarm history, and/or access any otherfeatures made available through the application server. It is noted thateach user will only be able to access those features commensurate withthe permissions associated with the account. Once the user logs out 945,he or she must reconnect to the website and reenter authenticationinformation. Such features are provided through security system server131.

In addition, in step 950, media handler 715 provides the remote client157 with an access token that is digitally signed by the media handler715. In one particular embodiment, application server 734 accesses mediahandler 715 to obtain an access token. In this embodiment, the user logsinto messaging interface 738, which then allows user to request the webpage containing a plug-in. When this occurs, application server 734queries automation system server 720 for security gateway 115 privilegesassociated with the user's account (for example, a guest account may bepermitted to view only a subset of cameras 112 in the residence). Next,application server 734 submits a request to media handler 715 for anaccess token. This request encodes the username (for logging purposes),the identity of security gateway 115 to be accessed, the accesspermissions to be granted for the token, and the desired lifespan of thetoken, as well as the digital signature of the security system server.The response from media handler 715 contains the token (for example acharacter string) as well as the current network address for securitygateway 115. Application server 734 embeds the access token and securitygateway 115 IP address into the web page containing the plug-in and theresulting page is returned to the user's browser.

The remote client 155 may then connect directly to security gateway 115and provides security gateway 115 with the access token 955. It is notedthat the term “direct connection” means that communications between theremote client 155 and security gateway 115 do not pass through securitysystem server 131. The security gateway 115 inspects the token and isconfigured to trust valid digital signatures of the security systemserver. Accordingly, the presence of the token in the web page allowsthe remote client 157 to access audio and video from the customer'ssecurity gateway 115 without the need for all communication to betransmitted through data center 132.

Accordingly, the remote user may then connect directly to securitygateway 115 to perform remote surveillance through security gateway 115,check the system status, initiate a two-way audio conference, and/or anyother features made available by security gateway 115 and falling withinthe user's permissions. In some embodiments, only remote surveillanceand two-way audio conferencing is made available through securitygateway 115. In these embodiments, all non-media features are providedthrough security system server 131.

The remote surveillance feature allows remote user 155 to view all orportions of the video signal from video camera. Depending on thebandwidth of the connection, the video may be of a lower quality thanthat transmitted to central station for verification of alarm signals.For example, in one embodiment, the video transmitted to remote user 155may have a lower frame rate, lower resolution, and/or lower color depth.In addition, remote user 155 may be able to configure the quality of thevideo for remote monitoring.

In addition, depending on the remote user's level of permissions, theremote terminal may access remote features of security gateway 115directly through headend 320 to reconfigure security system 100. Onceauthenticated, remote user 155 may reconfigure some or all of thefeatures of security gateway 115. These features may include, withoutlimitation, arming or disarming security system 100; adjustingsensitivities of sensors (if present); adjusting alarm conditiondetection sensitivity; remote surveillance; adjusting camera settings;and reviewing alarms and recordings. Camera settings may include withoutlimitation pan, tilt, focus, brightness, contrast and zoom.

In some embodiments, media handler 715 may assign a lifespan to anaccess token. In such cases, after a pre-specified time or event, theaccess token expires 980 and remote user 155 may not access securitygateway 115 any longer. Further, when security system 100 detects thatthe user has logged out or disconnected from the security system, anyaccess token provided by security system 100 expires.

In step 990, the remote client 157 is disconnected and the access tokenexpires. In some embodiments, media handler 715 may assign a lifespan toan access token. In such cases, after a pre-specified time, the accesstoken expires and remote user 155 may not access security system 100 anylonger. To access to the features of the security gateway, the user mustreconnect to the website 905 and provide valid authenticationinformation.

The present invention also overcomes similar problems with personalemergency response systems (PERS) and telemedicine including telehealth.The monitoring clients in these applications can now use the video andalarm to better diagnose the problem. In many ways, alarms from healthsensors, emergency panic buttons and the like are similar to alarmsensors in terms of generating false and unwanted alarms.

The present invention can be also used in many different verticalsegments within the security industry. In this present invention, theaudio and video digitization and processing including compression iscentralized at the security gateway. As processors become less expensiveand more efficient, these functions can be done at the individual cameraor at the audio station. The security gateway may then act as a centralcommunications and controller for the cameras, audio stations andvarious other sensors.

The preceding examples are included to demonstrate embodiments of theinvention. It should be appreciated by those of skill in the art thatthe techniques disclosed in the examples which follow representtechniques discovered by the inventor to function well in the practiceof the invention, and thus can be considered to constitute preferredmodes for its practice. However, those of skill in the art should, inlight of the present disclosure, appreciate that many changes can bemade in the specific embodiments which are disclosed and still obtain alike or similar result without departing from the spirit and scope ofthe invention.

What is claimed is:
 1. A security system comprising: a security gatewaylocated at a premises, wherein the security gateway is operable todetect an alarm condition and to receive video of at least a portion ofthe premises relating to the alarm condition; a first network coupled tothe security gateway; and a second network coupled to the securitygateway; wherein the security gateway is configured to cause transfer ofalarm information comprising at least a portion of the received videoand a first notification of the alarm condition in substantially realtime through only the first network, and wherein the security gateway isfurther configured to cause transfer of a second notification of thealarm condition through the second network.
 2. The system of claim 1,wherein the first network is an IP network, an Ethernet-based network,the Internet, a frame relay network, a hybrid-fiber coaxial network, afiber-optic network, a DSL network, an ATM network, a high-speed fixedwireless network, or a high-speed mobile network, or a combinationthereof.
 3. The system of claim 1, wherein the second network comprisesa public switched telephone network, a fixed wireless network, or amobile communications network, or a combination thereof.
 4. The systemof claim 1, wherein the security gateway is further operable to receiveaudio from at least a portion of the premises relating to the alarmcondition, and wherein the security gateway is further configured tocause transfer of the received audio through the second network insubstantially real time.
 5. The system of claim 1, wherein the securitygateway is further configured to detect if connectivity through thefirst network is modified and to cause transfer of a notification signalthrough the second network of the-modification of connectivity throughthe first network.
 6. The system of claim 1, wherein the securitygateway is further configured to cause transfer of one or more of thealarm information and the second notification to a mobile device.
 7. Asecurity system comprising: a security gateway located at a premises,wherein the security gateway is operable to detect an alarm conditionand to receive video of at least a portion of the premises relating tothe alarm condition; a first network coupled to the security gateway;and a second network coupled to the security gateway, wherein thesecurity gateway is configured to cause transfer of alarm informationcomprising the received video and a first notification of the alarmcondition in substantially real time through the first network, andwherein the security gateway is further configured to cause transfer ofa second notification of the alarm condition through the second networksubstantially simultaneously with causing the transfer of the alarminformation through the first network.
 8. The system of claim 7, whereinthe first network comprises an IP network, an Ethernet-based network,the Internet, a frame relay network, a hybrid-fiber coaxial network, afiber-optic network, a DSL network, an ATM network, a high-speed fixedwireless network, or a high-speed mobile network, or a combinationthereof.
 9. The system of claim 7, wherein the security gateway isfurther operable to receive audio from at least a portion of thepremises relating to the alarm condition, and wherein the securitygateway is further configured to cause transmission of the receivedaudio through the second network in substantially real time.
 10. Thesystem of claim 7, wherein the security gateway is further configured todetect if connectivity through the first network is modified and causetransfer of a notification signal through the second network of themodification of connectivity through the first network.
 11. A securitysystem comprising: a security gateway located at a premises, wherein thesecurity gateway is operable to detect an alarm condition and to receivevideo of at least a portion of the premises relating to the alarmcondition; first computing device operatively coupled to the securitygateway through a first network, wherein the security gateway isconfigured to cause transfer to the first computing device alarminformation comprising a first notification of the alarm condition andthe at least a portion of the received video through the first network;and a second computing device operatively coupled to said securitygateway through a second network, wherein the security gateway isconfigured to cause transfer to the second computing device a secondnotification of the alarm condition without causing transfer of thereceived video through the second network, wherein the second computingdevice is further operably coupled to the first computing device,wherein the second computing device is configured to cause transfer tothe first computing device a third notification of the alarm condition.12. The system of claim 11, wherein the second computing device isoperatively coupled to the first computing device through a thirdnetwork and wherein the second computing device is configured to causetransfer to the first computing device the third notification of thealarm condition through the third network.
 13. The system of claim 12,wherein the security gateway is configured to cause transfer to thefirst computing device the alarm information through the first networksubstantially simultaneously with causing transfer to the secondcomputing device the second notification of the alarm condition throughthe second network.
 14. The system of claim 11, wherein the secondcomputing device is operatively coupled to the first computing devicethrough the first network and wherein the second computing device isconfigured to cause transfer to the first computing device the thirdnotification of the alarm condition through the first network.
 15. Thesystem of claim 14, wherein the security gateway is configured to causetransfer to the first computing device the alarm information through thefirst network substantially simultaneously with causing transfer to thesecond computing device the second notification of the alarm conditionthrough the second network.
 16. The system of claim 11, wherein one ormore of the first computing device and the second computing device is amobile device.
 17. A method comprising: detecting an alarm condition;receiving video of at least a portion of the premises relating to thealarm condition; transmitting alarm information comprising at least aportion of the received video and a first notification of the alarmcondition through only the first network; and transmitting a secondnotification of the alarm condition through the second network.
 18. Themethod of claim 17, wherein the first network comprises an IP network,an Ethernet-based network, the Internet, a frame relay network, ahybrid-fiber coaxial network, a fiber-optic network, a DSL network, anATM network, a high-speed fixed wireless network, or a high-speed mobilenetwork, or a combination thereof.
 19. The method of claim 17, whereinthe second network comprises a public switched telephone network, afixed wireless network, or a mobile communications network, or acombination thereof.
 20. The method of claim 17, wherein the videocomprises audio information.
 21. The method of claim 17, wherein one ormore of the alarm information and the second notification is transmittedto a mobile device.
 22. A method comprising: detecting an alarmcondition; receiving video of at least a portion of the premisesrelating to the alarm condition; and transmitting alarm informationcomprising at least a portion of the received video and a firstnotification of the alarm condition in-substantially real time throughthe first network; and transmitting a second notification of the alarmcondition through the second network substantially simultaneously withtransmitting the alarm information through the first network.
 23. Themethod of claim 22, wherein the first network comprises an IP network,an Ethernet-based network, the Internet, a frame relay network, ahybrid-fiber coaxial network, a fiber-optic network, a DSL network, anATM network, a high-speed fixed wireless network, or a high-speed mobilenetwork, or a combination thereof.
 24. The method of claim 22, whereinthe second network comprises a public switched telephone network, afixed wireless network, or a mobile communications network, or acombination thereof.
 25. The method of claim 22, wherein the videocomprises audio information.
 26. The method of claim 22, wherein one ormore of the alarm information and the second notification is transmittedto a mobile device.